Lingering certificate errors from retired CA

  • Thread starter Thread starter Dave_E_S
  • Start date Start date
D

Dave_E_S

Guest
Hello,

We had a 2008 R2 Certificate authority on our domain. It was retired incorrectly and the certificate it had was expired. I am seeing some lingering errors in event logs from servers and workstations like the following

1.Automatic certificate enrollment for domain\user failed (0x800706ba) The RPC server is unavailable.

2.DCOM was unable to communicate with the computer retiredcertificateauthority.fqdn using any of the configured protocols; requested by PID 7d4 (C:\Windows\system32\taskhost.exe).

3.Certificate enrollment for domain\user failed to enroll for a Timecard certificate with request ID N/A from retiredcertificateauthority.fqdn\certauth (The RPC server is unavailable. 0x800706ba (WIN32: 1722 RPC_S_SERVER_UNAVAILABLE)).

4. Certificate enrollment for domain\user failed in authentication to all urls for enrollment server associated with policy id: {3FD46004-1D84-4DC7-A185-0B19BE195DA1} (The RPC server is unavailable. 0x800706ba (WIN32: 1722 RPC_S_SERVER_UNAVAILABLE)). Failed to enroll for template: Timecard

Timecard refers to an older internal application we used that was secured with the certificate.
How can I clear up these errors? I looked through all of our group policies and none of them refer to the old expired certificate or the retired certificate authority. I am fairly sure these error are appearing on workstations and servers, even servers that have been added after the certificate authority was removed. We use a couple of certificates upstream from us that are applied by group policy. I don't want to disrupt those certificates.


Thanks for any help on this.

DS

Continue reading...
 
Back
Top